Managing money and finding alpha is never easy. In addition to tough trading and market conditions, fund managers must also address cybersecurity risks.  Cyber-attacks against large banks generate most of the headlines, but asset managers are also targeted.  According to a 2015 report by the Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations, 74% of registered investment advisors surveyed by the SEC have experienced cyber-attacks, either directly or through their vendors.

With malware, ransomware and other cyber-attacks becoming more sophisticated, fund managers could suffer bigger losses from a data breach than a bad trade”

Given the elevated data privacy risks, private equity and hedge fund managers, together with their technology, legal and compliance teams, should protect themselves against cyber-attacks and comply with SEC, Commodity Futures Trading Commission and National Futures Association regulations by undertaking a five step plan that includes designating a chief information security officer, assessing risk, maintaining written policies and procedures, developing cybersecurity controls and developing a comprehensive information security program.

Our summary of cyber-risk management and compliance procedures appear in the July – September 2017 issue of Risk & Compliance Magazine, a publication of Financier Worldwide.  Please click on the link to read the article: Cybersecurity for Investment Managers.

Over the past decade, electronic trading and the use of automated code or algorithms to generate orders with execution times consisting of microseconds or milliseconds, otherwise known as high frequency trading, has largely replaced human floor brokers and market markers.  High frequency trading is now being reviewed by the SEC and is the subject of the CFTC’s proposed Regulation Automated Trading.  Derivations recently published an article examining high frequency trading’s risks to securities and derivatives markets, as well as potential benefits in the form of lower overall trading costs and improved resilience due to enhanced pre-trade risk controls and system safeguards.  Our article appears in the January – March 2017 issue of Risk & Compliance Magazine, a publication of Financier Worldwide.  Please click on the link to read the article: High Frequency Trading.The Path Forward for Market Liquidity and Stability.

Please click here for the most recent issue of the Information Law Journal, featuring an article in which we examine the drafting of risk factors related to distributed ledger technology (aka blockchain) in securities offerings and filings.  The Information Law Journal is a quarterly publication of the American Bar Association’s Section of Science & Technology Law Information Security and Electronic Discovery Digital Evidence committees.

The inauguration of Donald Trump as President, together with the Republican majority Congress, will trigger changes at the SEC and CFTC in 2017.   SEC Chair Mary Jo White is expected to step down in early 2017 and Michael Piwowar will likely become the acting Chair until the SEC elects a new permanent Chair.  Kara Stein, a Democrat, is presently the third SEC Commissioner.  The SEC currently has two vacant Commissioner seats.  In 2015, Barack Obama nominated a Republican and a Democratic candidate for the vacant SEC seats, but the Senate did not confirm the candidates.  The Trump administration will surely select new candidates in 2017 which will likely face a less contentious confirmation process before the Republican majority in the Senate.  The turnover at the SEC may further delay security-based swap Dodd-Frank rulemaking.

The CFTC will undergo a similar transition. In January 2017, CFTC Chairman Timothy Massad will likely step down and be replaced by CFTC Commissioner Christopher Giancarlo.  Currently, Chris Giancarlo is the only Republican CFTC Commissioner.   Sharon Bowen, a Democrat, is presently the third CFTC Commissioner.  Just like the SEC, the CFTC has two vacant Commissioner seats which the Obama administration was unable to fill.  After January 20, 2017, the Republican Party will hold three out of the five CFTC Commissioner seats.  With a majority of Republican CFTC Commissioners and a Republican controlled Congress, the potential impact on CFTC Dodd-Frank rulemaking, including perhaps on the implementation of swap margin requirements and adoption of the controversial Regulation Automated Trading, can’t be understated.

The changes at the SEC and CFTC may be magnified by leadership decisions for important committees in Congress. In the House of Representatives, Rep. Mike Conaway (R-Texas) may continue on as chairman of the House Agriculture Committee and Rep. Jeb Hensarling (R-Texas), author of the Financial CHOICE Act of 2016 (which would, among other things, roll-back parts of Dodd-Frank Act and repeal the Volcker Rule) will likely remain chairman of the powerful House Financial Services Committee. However, Rep. Scott Garrett (R-N.J.), current chairman of the Financial Services Subcommittee on Capital Markets and Government-Sponsored Enterprises was not re-elected.  It’s unknown who may rise to lead the subcommittee.  In a year that saw the Chicago Cubs win the World Series and a reality television star be elected President, the only certainties for derivatives traders, will be regime changes at the SEC and CFTC, and more regulatory uncertainty in 2017.

On September 29, 2016 the Securities and Exchange Commission (SEC) issued an extension, from October 5, 2016 to April 1, 2017, for its final rule on security based swap data repository (SBSDR) registration, duties and core principles. The extension gives SEC staff more time to review the applications of SBSDRs that would accept the security-based swap data required to be reported under the SEC’s swap reporting regime (Regulation SBSR). Thus far only two entities have submitted applications to be SBSDRs, ICE Trade Vault and DTCC Data Repository.

The SEC’s extension followed amendments, and related guidance, that the SEC published on July 13, 2016, which established a revised compliance schedule providing that the regulatory reporting requirements will not begin until the first Monday that is the later of: (1) one month after security-based swap dealers register with the SEC or (2) six months after the date on which the first SBSDR that can accept transaction reports for the particular asset class
in question registers with the SEC (Compliance Date 1). This mitigates the concerns of many buy-side commenters, which, under the SEC’s originally proposed compliance schedule, would have been required to potentially report security-based swaps prior to security-based swap dealer registration. Triggering reporting requirements off security-based swap dealer registration will alleviate a potential reporting burden for buy-side firms. Public dissemination of transactions for a particular asset class would follow three months after Compliance Date 1.

As a consequence of these modifications, a ballpark of the earliest initial compliance dates would be some time during Q4 2017. Be aware that, as with the rollout of many Dodd-Frank compliance dates, this is a moving target. However, in order to prepare for the eventual implementation of security-based swap reporting, an initial action step for financial entities that trade CDS, TRS or other swaps over single names or narrow-based indices is to comprehensively review their pool of counterparties in order to determine whether they face entities that intend to register as security-based swap dealers (or major security-based swap participants).